MyOpenVDP: Open-source web application to securely disclose vulnerabilities
MyOpenVDP is a turnkey open-source solution allowing anyone to host their own vulnerability disclosure policy (VDP). Developed by YesWeHack, the web application is available …
A quick guide for small cybersecurity teams looking to invest in cyber insurance
In the world of insurance providers and policies, cyber insurance is a fairly new field. And many security teams are trying to wrap their heads around it. What is it and do …
Medibank data breach: More customers affected, attacker got in via stolen credentials
Australian private health insurance provider Medibank has revealed that the hack and data breach it discovered over two weeks ago has affected more customers than initially …
Apple fixes exploited iOS, iPadOS zero-day (CVE-2022-42827)
For the ninth time this year, Apple has released fixes for a zero-day vulnerability (CVE-2022-42827) exploited by attackers to compromise iPhones. About CVE-2022-42827 …
To retain cybersecurity professionals, keep remote work as an option
(ISC)² highlighted a stark increase in the shortage of cybersecurity professionals as it announced the findings of its 2022 (ISC)² Cybersecurity Workforce Study. The study …
The long-term psychological effects of ransomware attacks
Northwave has conducted scientific research into the psychological effects of a ransomware crisis on both organizations and individuals. The findings reveal the deep marks …
cert-manager: Automatically provision and manage TLS certificates in Kubernetes
cert-manager adds certificates and certificate issuers as resource types in Kubernetes clusters and simplifies the process of obtaining, renewing, and using those …
Consumer behaviors are the root of open source risk
Sonatype unveiled its eighth annual State of the Software Supply Chain Report which, in addition to a massive surge in open source supply, demand, and malicious attacks, found …
Week in review: CISA releases RedEye, Apache Commons Text flaw, Medibank data breach
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Medibank hack turned into a data breach: The attackers are demanding money …
Vulnerabilities in Cisco Identity Services Engine require your attention (CVE-2022-20822, CVE-2022-20959)
Cisco has published a heads-up for admins of Cisco Identity Services Engine solutions, about two vulnerabilities (CVE-2022-20822, CVE-2022-20959) that could be exploited to …
Medibank hack turned into a data breach: The attackers are demanding money
Medibank, Australia’s largest private health insurance provider, has confirmed that last week’s “cyber incident” has resulted in a data breach. …
New infosec products of the week: October 21, 2022
Here’s a look at the most interesting products from the past week, featuring releases from AwareGO, Code42, Corelight, EnigmaSoft, Exabeam, Mandiant, and RSA. Code42 enhances …
Featured news
Resources
Don't miss
- Training an AI agent to attack LLM applications like a real adversary
- You don’t have to choose between BAS or automated pentesting, you shouldn’t
- Why your phishing simulations aren’t building a security culture
- Your security stack looks fine from the dashboard and that’s the problem
- Kali Linux 2026.1 ships BackTrack mode, eight new tools, and a kernel upgrade to 6.18